{"vulnerability": "CVE-2021-4118", "sightings": [{"uuid": "c4f2a618-8605-4d56-a119-cf91630144e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41182", "type": "seen", "source": "MISP/31676e06-066b-46a9-a1c0-2da31391565a", "content": "", "creation_timestamp": "2023-04-11T05:15:22.000000Z"}, {"uuid": "2d3313da-5c2b-467a-8db0-fb4011183472", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41181", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13125", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-41181\n\ud83d\udd25 CVSS Score: 2.4 (cvssV3_1, Vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Nextcloud talk is a self hosting messaging service. In versions prior to 12.3.0 the Nextcloud Android Talk application did not properly detect the lockscreen state when a call was incoming. If an attacker got physical access to the locked phone, and the victim received a phone call the attacker could gain access to the chat messages and files of the user. It is recommended that the Nextcloud Android Talk App is upgraded to 12.3.0. There are no known workarounds.\n\ud83d\udccf Published: 2022-03-08T17:50:10.000Z\n\ud83d\udccf Modified: 2025-04-23T18:58:39.326Z\n\ud83d\udd17 References:\n1. https://github.com/nextcloud/security-advisories/security/advisories/GHSA-497c-c8hx-6qcf\n2. https://github.com/nextcloud/talk-android/pull/1585", "creation_timestamp": "2025-04-23T19:05:22.000000Z"}, {"uuid": "6f72b643-8a6f-448d-bcbc-0ce99e4284b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41182", "type": "seen", "source": "https://bsky.app/profile/MichaelAltfield.mastodon.social.ap.brid.gy/post/3mecdvknanm72", "content": "", "creation_timestamp": "2026-02-07T21:19:50.843505Z"}, {"uuid": "f0b91359-e544-4a71-843b-01334f5b07d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41182", "type": "seen", "source": "https://t.me/ctinow/182502", "content": "https://ift.tt/84vbMek\nCVE-2021-41182 | Oracle Retail Customer Management and Segmentation Foundation Internal Operations cross site scripting", "creation_timestamp": "2024-02-10T09:41:22.000000Z"}, {"uuid": "9f292b4a-cee3-47e7-b5e3-658d043a0f2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41186", "type": "seen", "source": "https://t.me/cibsecurity/31460", "content": "\u203c CVE-2021-41186 \u203c\n\nFluentd collects events from various data sources and writes them to files to help unify logging infrastructure. The parser_apache2 plugin in Fluentd v0.14.14 to v1.14.1 suffers from a regular expression denial of service (ReDoS) vulnerability. A broken apache log with a certain pattern of string can spend too much time in a regular expression, resulting in the potential for a DoS attack. This issue is patched in version 1.14.2 There are two workarounds available. Either don't use parser_apache2 for parsing logs (which cannot guarantee generated by Apache), or put patched version of parser_apache2.rb into /etc/fluent/plugin directory (or any other directories specified by the environment variable `FLUENT_PLUGIN` or `--plugin` option of fluentd).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-29T18:18:13.000000Z"}, {"uuid": "3dbab9bb-36dd-449a-9a17-66e71865af54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41180", "type": "seen", "source": "https://t.me/cibsecurity/38544", "content": "\u203c CVE-2021-41180 \u203c\n\nNextcloud talk is a self hosting messaging service. In versions prior 12.1.2 an attacker is able to control the link of a geolocation preview in the Nextcloud Talk application due to a lack of validation on the link. This could result in an open-redirect, but required user interaction. This only affected users of the Android Talk client. It is recommended that the Nextcloud Talk App is upgraded to 12.1.2. There are no known workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-08T20:40:52.000000Z"}, {"uuid": "25fbc186-f501-40db-8445-f2f5f3153808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41181", "type": "seen", "source": "https://t.me/cibsecurity/38543", "content": "\u203c CVE-2021-41181 \u203c\n\nNextcloud talk is a self hosting messaging service. In versions prior to 12.3.0 the Nextcloud Android Talk application did not properly detect the lockscreen state when a call was incoming. If an attacker got physical access to the locked phone, and the victim received a phone call the attacker could gain access to the chat messages and files of the user. It is recommended that the Nextcloud Android Talk App is upgraded to 12.3.0. There are no known workarounds.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-09T07:17:44.000000Z"}, {"uuid": "9547e95c-014c-4b04-b258-b31e9be59bdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41187", "type": "seen", "source": "https://t.me/cibsecurity/31584", "content": "\u203c CVE-2021-41187 \u203c\n\nDHIS 2 is an information system for data capture, management, validation, analytics and visualization. A SQL injection security vulnerability has been found in specific versions of DHIS2. This vulnerability affects the API endpoints for /api/trackedEntityInstances and api/events in DHIS2. The system is vulnerable to attack only from users that are logged in to DHIS2, and there is no known way of exploiting the vulnerability without first being logged in as a DHIS2 user. A successful exploit of this vulnerability could allow the malicious user to read, edit and delete data in the DHIS2 instance. There are no known exploits of the security vulnerabilities addressed by these patch releases. However, we strongly recommend that all DHIS2 implementations using versions 2.32, 2.33, 2.34, 2.35 and 2.36 install these patches as soon as possible. There is no straightforward known workaround for DHIS2 instances using the Tracker functionality other than upgrading the affected DHIS2 server to one of the patches in which this vulnerability has been fixed. For implementations which do NOT use Tracker functionality, it may be possible to block all network access to POST to the /api/trackedEntityInstance and /api/events endpoints as a temporary workaround while waiting to upgrade.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-02T01:34:27.000000Z"}, {"uuid": "544af26c-8b03-4b01-ab50-2df0fcced95a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41189", "type": "seen", "source": "https://t.me/cibsecurity/31477", "content": "\u203c CVE-2021-41189 \u203c\n\nDSpace is an open source turnkey repository application. In version 7.0, any community or collection administrator can escalate their permission up to become system administrator. This vulnerability only exists in 7.0 and does not impact 6.x or below. This issue is patched in version 7.1. As a workaround, users of 7.0 may temporarily disable the ability for community or collection administrators to manage permissions or workflows settings.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-29T22:18:29.000000Z"}, {"uuid": "c1826734-1d6c-4ca7-bcc5-4309cc81e166", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4118", "type": "seen", "source": "https://t.me/cibsecurity/34574", "content": "\u203c CVE-2021-4118 \u203c\n\npytorch-lightning is vulnerable to Deserialization of Untrusted Data\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-23T20:21:15.000000Z"}, {"uuid": "e90b408a-a9af-46b1-b99b-1bf986966a80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41188", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/31227", "content": "\u203c CVE-2021-41188 \u203c\n\nShopware is open source e-commerce software. Versions prior to 5.7.6 contain a cross-site scripting vulnerability. This issue is patched in version 5.7.6. Two workarounds are available. Using the security plugin or adding a particular following config to the `.htaccess` file will protect against cross-site scripting in this case. There is also a config for those using nginx as a server. The plugin and the configs can be found on the GitHub Security Advisory page for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T18:15:11.000000Z"}, {"uuid": "882fe0cd-a832-48e2-b8b8-712086f88b04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41183", "type": "seen", "source": "https://t.me/cibsecurity/31224", "content": "\u203c CVE-2021-41183 \u203c\n\njQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now always treated as pure text, not HTML. A workaround is to not accept the value of the `*Text` options from untrusted sources.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T18:15:05.000000Z"}, {"uuid": "562c7b73-b772-402b-a9c8-663c70f8f721", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41182", "type": "seen", "source": "https://t.me/cibsecurity/31231", "content": "\u203c CVE-2021-41182 \u203c\n\njQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now treated as a CSS selector. A workaround is to not accept the value of the `altField` option from untrusted sources.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T18:15:19.000000Z"}, {"uuid": "2549f45e-2442-463d-bd73-a030153ca0c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41185", "type": "seen", "source": "https://t.me/cibsecurity/31222", "content": "\u203c CVE-2021-41185 \u203c\n\nMycodo is an environmental monitoring and regulation system. An exploit in versions prior to 8.12.7 allows anyone with access to endpoints to download files outside the intended directory. A patch has been applied and a release made. Users should upgrade to version 8.12.7. As a workaround, users may manually apply the changes from the fix commit.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T18:15:02.000000Z"}, {"uuid": "8a69ec1d-cbc4-400a-83f5-c9b853c457c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41184", "type": "seen", "source": "https://t.me/cibsecurity/31221", "content": "\u203c CVE-2021-41184 \u203c\n\njQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a CSS selector. A workaround is to not accept the value of the `of` option from untrusted sources.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T18:15:00.000000Z"}]}